Configure DNS Server Zones Fully on Windows Server 2016

After installing DNS, of course, you need to configure DNS because it is an important task to make DNS work correctly. DNS stands for Domain Naming System and the goal of DNS is to change name to IP address and and IP address to name like when you open a server or a web page, you enter a name like www.MicrosoftGeek.com, here the DNS server changes the name to the IP and you can visit the web page or get access to server sources. In this article, I show you how to come along to configure DNS Server fully on Windows Server.

 

Configure DNS Server Fully Step by Step

The DNS configuration is somehow like installing it, means you don’t need to worry or call any administrator to do it because you can do it along by this article, let’s move towards it.

1. When the DNS Server role installed, open the Server Manager window, click on tools tab that the dropdown menu appears and click on the DNS icon to open the DNS. Here I have named my server tactig-dc01.

Server Manager
Server Manager

2. At the first, what we need to do is creating a zone, it is a part of a DNS that the records are restored, for that purpose right click on your computer DNS server name and click on the New zone.

DNS Manager
DNS Manager

3. Skip the welcome page and on the next page, you’ll see three kinds of zone available.

  • Primary zone: is rewritten zone that is not copied from somewhere.
  • Secondary zone: is the copy of another zone, when you create a secondary zone you should copy the records from another source.
  • Stub zone: is providing information whatever server holds a special zone. We want to create a primary zone, then click on that then hit Next.
Primary zone
Primary zone

4. In the next page, you will be asked about replication method.

  • The first option, (To all DNS servers running on domain controller in this forest: <domain name> is used when you want to replicate with the domains and subdomains in the forest but that increases the network traffic.
  • The second option, (To all DNS servers running on domain controllers in the domain: <domain name> is used when you want you DNS server replicate with all DNS servers in in your own domain.
  • The third option, (To all domain controllers in this domain (for Windows 2000 compatibility): <domain name> is used when you want your server replicate with only domain controllers in your own domain. Select the 2nd option. Hit Next.
Replication Scope
Replication Scope

5. In the forward or reverse lookup zone page, select Forward lookup zone. The Forward lookup zone translates DNS name to IP address and the 2nd option, Reverse lookup zone translates IP to DNS name, just select Forward lookup zone then hit Next, we will configure the Reverse lookup zone later.

Forward lookup zone
Forward lookup zone

6. Specify a name for the zone then click on the Next button.

Zone name
Zone name

7. How do you want your zone contents update mode? The recommended option is Allow only secure updates. This option helps you DNS server not to be affected by spywares and viruses,  select the first option and hit Next.

Dynamic update
Dynamic update

8. After continuing, your primary zone is created, just click on the Finish button to start working it.

Finish wizard
Finish wizard

Now the zone has created successfully but the DNS configuration is not done fully yet and the secondary zone as mentioned before is copy of another zone. It means you should copy the contents from somewhere else. Now I want to show you how to create a secondary zone. You need one another server, DNS server installed on. I name the new DNS server: tactig-dns02. The new server that we try to use as a second DNS server should be member of the Active Directory Directory Services. You can do that. If not read the articles about in this website.

1. Now we’ll work on tactig-dns02 server,  open the DNS Manager tool and right-click on the Forward lookup zone, click on the New zone then skip the welcome page by hitting Next. In the Zone Type page, select the Secondary zone.

Secondary zone
Secondary zone

2. In the forward or reverse lookup zone page, select the Forward lookup zone option. It changes the DNS names to IP address. Then click on Next button.

Forward lookup zone
Forward lookup zone

3. Specify a name for the zone. Enter name of a zone that you’ve created before as a primary zone. Here you will have copy of the primary zone as a secondary zone.

Zone name
Zone name

4. In the Master DNS Servers page, you need to specify the master server. The Master server is the server that you’ve a zone out there and you want to copy its contents in your new secondary zone. Enter the master server’s IP address and the IP will be resolved. If the IP is correct, a green check mark will appear next to the IP address box then click on Next button.

DNS Master Servers
DNS Master Servers

5. When the Secondary zone is created, just click on the Finish button.

Finish zone wizard
Finish zone wizard

6. Now click on the new zone you just created, you’ll see the Red x means no content is present and not working properly as mentioned before you should copy the contents from somewhere else.

No Records
No Records

7. Go back to tactig-dns01 server, expand the Forward lookup zone mode and right-click on the zone that you want to get a copy from then select Properties.

Properties
Properties

8. Here select the Name Servers tab and add the server that you’ve installed the secondary zone on, here. When you add the name in the list you can copy the contents. For the purpose click on the Add button.

Name Servers
Name Servers

9. Type the server’s fully qualified domain name (FQDN) in the box as shown and below that box, enter the server’s IP address. When you resolve the server a message appears, don’t be worried because the message tells you that your server is not authoritative for the zone that’s what we know that. We just we want to make a copy of the zone  and click on OKbutton.

Name Server Record
Name Server Record

10. Now come back to tactig-dns02 server, right-click on the zone you created and select Transfer from Master.

Transfer form master
Transfer form master

11. Refresh the page clicking on the Refresh button and you’ll see all the records you could see in tactig-dns01 server zone, now the secondary zone is created and configured properly.

Secondary zone records
Secondary zone records

Another next important point for the DNS configuration is that you should learn what is Reverse Lookup Zone. The Reverse Lookup Zone do opposite to what Forward Lookup Zone does means It change IP address to DNS name, when you’ve or give an IP address, it gives you the DNS name. For doing this, we need just one DNS server and I’ll use my root DNS server (tactig-dns01).

1. It is created the same as primary and secondary zones so expand the server name and right-click on the Forward Lookup Zone then select New Zone. When the page appears, skip the welcome page and select Primary zone then hit Next, leave the next step as default and hit Next. Here Select IPv4 Reverse Lookup Zone or IPv6 reverse lookup zone then hit Next, we use IPv4 version in our networks so you can choose the one you want to use.

IPv4 Reverse Lookup Zone
IPv4 Reverse Lookup Zone

2. At this point, the Network ID is needed for the zone, specify the Network ID then hit Next ( The Network ID is your network’s IP address.

Network ID
Network ID

3. Select the Allow only secure dynamic update option and click on Next button then finish the wizard to completely finish the configuration.

Finish Wizard
Finish Wizard

4. Run PowerShell as administrator. Type this command: ipconfig /registerdns. Press Enter button.

Register DNS
Register DNS

5. Refresh the Forward Reverse Zone node, you will see that an IP address is added there and you are done!

Forward Reverse Zone
Forward Reverse Zone

Conclusion: The DNS configuration is completely done. Yes, this was the basic configuration of DNS and the Advanced configuration of the DNS is more complicated.

Category: Domain Name System ( DNS ), Windows Server 2016